﻿using System;
using System.Web;
using System.Web.Security;

namespace ChapterX.Common
{
    public class AuthManager
    {
        public static void UserLogin(String userName, String roles)
        {
            HttpCookie authCookie = FormsAuthentication.GetAuthCookie(userName, false);
            FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value);
            FormsAuthenticationTicket newTicket = new FormsAuthenticationTicket(
                ticket.Version, ticket.Name, ticket.IssueDate, ticket.Expiration, ticket.IsPersistent, roles);
            authCookie.Value = FormsAuthentication.Encrypt(newTicket);
            HttpContext.Current.Response.Cookies.Add(authCookie);
        }

        protected static void UserLogout()
        {
            FormsAuthentication.SignOut();
            HttpContext.Current.Session.Clear();
        }

        public static void UserLoginAndRedirect(String userName, String roles)
        {
            UserLogin(userName, roles);
            // DO NOT CALL
            // FormsAuthentication.RedirectFromLoginPage(userName, false);
            // Since it will REWRITE out cookie.
            HttpContext.Current.Response.Redirect(
                FormsAuthentication.GetRedirectUrl(userName, false));
        }

        public static void UserLogoutAndRedirect()
        {
            UserLogout();
            // DO NOT CALL
            // FormsAuthentication.RedirectToLoginPage();
            HttpContext.Current.Response.Redirect(FormsAuthentication.LoginUrl);
        }

        public static bool IsCurrentUserInRole(String roleName)
        {
            FormsAuthenticationTicket authTicket = AuthTicket;
            if (null == authTicket)
            {
                // Cookie failed to decrypt.
                return false;
            }

            // When the ticket was created, the UserData property was assigned a
            // pipe delimited string of role names.
            String[] roles = authTicket.UserData.Split(new char[] { '|' });
            foreach (String role in roles)
            {
                if (role.Equals(roleName))
                {
                    return true;
                }
            }

            return false;
        }

        public static FormsAuthenticationTicket AuthTicket
        {
            get
            {
                // Extract the forms authentication cookie.
                String cookieName = FormsAuthentication.FormsCookieName;
                HttpCookie authCookie = HttpContext.Current.Request.Cookies[cookieName];
                if (null == authCookie)
                {
                    // There is no authentication cookie.
                    return null;
                }

                FormsAuthenticationTicket authTicket = null;
                try
                {
                    authTicket = FormsAuthentication.Decrypt(authCookie.Value);
                }
                catch
                {
                    // Log exception details (omitted for simplicity).
                    return null;
                }

                // Decryption might fail, and authTicket could still be null.
                // Check before use it.
                return authTicket;
            }
        }
    }
}

